Summary
Four housekeeping issues found in feat-paysys-poc by comparison with the equivalent fixes applied to TADP (PR #385).
Issue 1 - Silent fallthrough on unrecognised transaction type (High)
handleTransaction in src/logic.service.ts uses two separate if statements instead of an if / else if / else chain:
let transactionId = '';
if (isPacs002Transaction(transaction)) {
transactionId = transaction.FIToFIPmtSts.GrpHdr.MsgId;
}
if (isBaseMessageTransaction(transaction)) {
transactionId = transaction.MsgId;
}
// no else - processing continues with transactionId = '' for unknown typesAn unrecognised transaction type (future third type, malformed message) silently proceeds with transactionId = '', producing a malformed Redis cache key <tenantId>:. All unknown types collide on the same key, corrupting aggregated rule results.
Fix: Collapse to if / else if / else, uninitialise let transactionId: string, add explicit loggerService.error + return in the else branch. The uninitialised declaration forces TypeScript to prove definite assignment through every branch - a missing else becomes a compile error.
Issue 2 - No unsupported-type test (High)
There is no test for the unrecognised transaction type path in __tests__/unit/logic.service.test.ts. Follows from Issue 1 - there is no code path to test.
Fix: Add a test that passes an object satisfying neither isPacs002Transaction nor isBaseMessageTransaction and asserts handleResponse is never called.
Issue 3 - Internal import path for type guards (Low)
import { isBaseMessageTransaction, isPacs002Transaction } from '@tazama-lf/frms-coe-lib/lib/helpers/transactionTypeGuards';Imports from an internal module path. If frms-coe-lib reorganises its internals, this breaks without a semver bump.
Fix: Import from the library root export: from '@tazama-lf/frms-coe-lib'.
Issue 4 - ESLint version not bumped (High)
ESLint 9.39.0 (resolved by ^9.36.0) has a confirmed regression that crashes the unified-signatures rule on union types - exactly the type introduced by SupportedTransactionMessage. This means husky pre-commit hooks are broken at the current ESLint version.
Fix: Bump to ^9.39.4.
Issue 5 - Dependabot not targeting dev
dependabot.yml has no target-branch configured, so automated dependency PRs target the repo default branch (main) rather than dev.
Fix: Add target-branch: 'dev' to the npm ecosystem entry.
Summary
Four housekeeping issues found in
feat-paysys-pocby comparison with the equivalent fixes applied to TADP (PR #385).Issue 1 - Silent fallthrough on unrecognised transaction type (High)
handleTransactioninsrc/logic.service.tsuses two separateifstatements instead of anif / else if / elsechain:An unrecognised transaction type (future third type, malformed message) silently proceeds with
transactionId = '', producing a malformed Redis cache key<tenantId>:. All unknown types collide on the same key, corrupting aggregated rule results.Fix: Collapse to
if / else if / else, uninitialiselet transactionId: string, add explicitloggerService.error+returnin the else branch. The uninitialised declaration forces TypeScript to prove definite assignment through every branch - a missing else becomes a compile error.Issue 2 - No unsupported-type test (High)
There is no test for the unrecognised transaction type path in
__tests__/unit/logic.service.test.ts. Follows from Issue 1 - there is no code path to test.Fix: Add a test that passes an object satisfying neither
isPacs002TransactionnorisBaseMessageTransactionand assertshandleResponseis never called.Issue 3 - Internal import path for type guards (Low)
Imports from an internal module path. If
frms-coe-libreorganises its internals, this breaks without a semver bump.Fix: Import from the library root export:
from '@tazama-lf/frms-coe-lib'.Issue 4 - ESLint version not bumped (High)
ESLint 9.39.0 (resolved by
^9.36.0) has a confirmed regression that crashes theunified-signaturesrule on union types - exactly the type introduced bySupportedTransactionMessage. This means husky pre-commit hooks are broken at the current ESLint version.Fix: Bump to
^9.39.4.Issue 5 - Dependabot not targeting
devdependabot.ymlhas notarget-branchconfigured, so automated dependency PRs target the repo default branch (main) rather thandev.Fix: Add
target-branch: 'dev'to the npm ecosystem entry.